Link2Gov for Professional Crastination

Link2Gov: A Procrastinating Federal Taxpayer’s Best Friend

Federal balance-due tax payments accepted at PAY1040.com, BML.PAY1040.com and businesstaxpayment.com

MILWAUKEE--(BUSINESS WIRE)--Link2Gov Corp., a Metavante (NYSE:MV) company and IRS-authorized payment processor since 2003, today is reminding individuals and businesses of their secure, convenient and reliable electronic payment options for settling-up with Uncle Sam before midnight on April 15 — the federal tax deadline. Taxpayers can beat the clock with an electronic payment initiated at any of Link2Gov’s payment portals: www.PAY1040.com, 1-888-PAY-1040 and www.businesstaxpayment.com. Taxpayers with questions about the payment services can reach Link2Gov customer service agents at 1-866-658-5465.

Federal balance-due tax payments initiated through Link2Gov payment services1 are authorized in real-time, with the IRS-recognized payment date being the same date the transaction is successfully completed. Taxpayers receive a transaction confirmation number as an assurance they have completed the payment process. PAY1040.com and businesstaxpayment.com accept American Express®, Discover®, MasterCard®, and Visa® credit and debit cards, as well as debit transactions from cards participating in the NYCE®, PULSE® and STAR® payments networks. New for Tax Season 2009, Link2Gov also accepts Bill Me Later payments at BML.PAY1040.com.

“The key attributes of our federal tax payment programs — speed, convenience and knowing an IRS bill has been instantly paid — become increasingly vital as the deadline closes in on taxpayers,” said Frank D’Angelo, group president, Metavante Payment Solutions, which includes Link2Gov. “Taxpayers choosing Link2Gov services receive peace of mind, and depending on their issuing bank’s card program, the opportunity to earn rewards as well.”

About Metavante

Metavante Technologies, Inc. (NYSE:MV) is the parent company of Metavante Corporation. Metavante Corporation delivers banking and payments technologies to approximately 8,000 financial services firms and businesses worldwide. Metavante products and services drive account processing for deposit, loan and trust systems, image-based and conventional check processing, electronic funds transfer, consumer healthcare payments, electronic presentment and payment, outsourcing, and payment network solutions including the NYCE Network, a leading ATM/PIN debit network. Metavante (www.metavante.com) is headquartered in Milwaukee.

1Link2Gov collects a convenience fee for PAY1040.com, businesstaxpayment.com and BML.PAY1040.com services.

Metavante, NYCE, Link2Gov and Pay1040.com are registered trademarks of Metavante Corporation, which is the principal subsidiary of Metavante Technologies, Inc.

All other trademarks are the property of their respective owners.

Related articles

• Monitise & Metavante Launch Text Message Banking (pindebit.blogspot.com)
• BINBase.com Launches Major BIN Numbers Database Update (seomashup.blogspot.com)
• E-vidence of Paradigm Shift...MasterCard Focusing on Debit Business (pindebit.blogspot.com)
• Shoppers Choice Runs Acculynk PaySecure (tm) PIN Debit Transaction (pindebit.blogspot.com)

A Pain in the Bot!

To further illustrate how dangerous it is to use a personal computer as the conduit to financial transactions, I bring you the following article from the Associated Press, which was reprinted by "CapeCodeOnline." 

And to illustrate even further...I created, well an illustration...depicting the dangers that lurk out there.  (on left)  Let's see...you've got your Zombies and Black Hats, your Snakes and Sniffers, Bots and Hackers and key-logging grifters...

What did Sanford used to tell  Lizbeth?  Oh yeah...Lizbit...here I come..."its the big one!"  Stay tuned.  It'll happen and we'll cover it right here on the PIN Payments News Blog!  Here's some stuff that ought to make you think twice before you enter your primary account number via a keyboard.   Remember, Visa might cover your butt, but you still have to deal with the hassle involved, and that could take weeks, even months.  It's a pain in the bot! 

By JORDAN ROBERTSON - THE ASSOCIATED PRESS

SAN FRANCISCO — Getting hacked is like having your computer turn traitor on you, spying on everything you do and shipping your secrets to identity thieves.  Victims don't see where their stolen data end up. But sometimes security researchers do, stumbling across stolen-data troves that offer a glimpse of what identity theft looks like from criminals' perspective.

Researchers from U.K.-based security firm Prevx found one such trove, a Web site used as a stash house for data from 160,000 infected computers before it was shut down this month.  The find offers a case study on just how much data criminals are stealing every day, from the utterly inconsequential to the alarmingly private.

It also shows the difficulty in shuttering criminals' ID-theft beachheads: The Web site Prevx found, which was operating on a server in Ukraine, was still online for nearly a month after security researchers alerted the Internet service provider and law-enforcement authorities. The site was sucking up data from 5,000 newly infected computers each day.

The victims in the Prevx find are mostly everyday people handing over their passwords for Facebook and banking sites, along with their love notes and other e-mails. But more dangerous personal information is there, too, including Social Security numbers and other account information from one bank's infected computer.

Caches of stolen data like these are hidden throughout the Internet, usually locked away inside password-protected Web sites or heavily fortified servers. Prevx's researchers were able to infiltrate this site because it was protected with poor encryption.  (Editor's Note:  Isn't that profound.  The hackers had poor encryption...)

In that sense, the find illustrates how even sloppy crooks can vacuum up enormous amounts of information through massive "botnets" — armies of infected computers formed by spreading a computer virus that orders compromised machines to phone home for further instructions, such as sending out spam or relaying passwords.

The botnet Prevx found was only harvesting data, though Prevx said it could have been upgraded to do other things.

Ordinary Internet sessions are logged in great detail. One Southern California 22-year-old could be seen registering a domain name with GoDaddy.com, changing his Yahoo e-mail password and ordering a meal online from Pizza Hut. His credit card number, birth date, telephone number, address and passwords are now all in criminals' hands, though it's unclear what, if anything, criminals have done with the information yet.

Some victims are gold mines for sensitive data.  An infected computer at a Georgia bank exposed customer details and credentials for the bank's wire-transfer system. Bank employees were checking e-mail, looking up BMWs and Infinitis and working with customers' accounts on the same infected machine.

Government computers were also hit, including one in Texas that coughed up Web site logins for one of the government's health care providers, and another in North Carolina that revealed access to an agency's human resources system.

"This is giving criminals the keys to the castle," said Prevx's director of malware research, Jacques Erasmus. "Once they're into this system, it might not seem at this point like it's the biggest data heist ever, but this is how they get into a network. This is their game — they do this every day."

In other words, criminals start small, then use their first point of attack as a way to jump onto more sensitive computers. Researchers who discover these stolen-data caches then have to figure out what to do with them. Notifying victims is time-consuming and difficult, and researchers tend to focus on trying to get service providers to deactivate the servers before criminals get to the data on them.

Prevx said it alerted the site's Internet provider, the FBI and U.K. authorities about the breach it discovered. The company also talked to the affected bank, Doraville, Ga.-based Metro City Bank, a community bank whose Web site lists four locations, and Prevx said the bank has removed the infected computer.

One customer — Yoon-Kee Hong, a 22-year-old college student from Suwanee, Ga. — had signed up for an account with Metro City Bank just a month before learning about the breach. He said he had not been alerted by the bank that his Social Security number and other personal details were stolen.

After being told about the breach by The Associated Press, which picked his name from the files provided by Prevx, the student said he planned to cancel his account.  "I cannot trust them any more," he said. "They're not doing what they're supposed to do. They didn't even notify me. It's like they're trying to hide it from their customers."

He later relented and decided to stay with the bank after he was offered a new account and promises of fraud alerts.  The bank said in a statement that it is notifying customers and is investigating the breach, refusing to comment further. State officials in North Carolina and Texas didn't return calls on the breaches there. The FBI didn't return a call about the breaches.

Such finds are becoming more common as the barrier lowers for crooks to jump into the online identity-theft racket. Top-of-the-line viruses, also known as Trojans, can be had for under $1,000.  Joe Stewart, a SecureWorks Inc. botnet expert who was not involved in Prevx's research, said that last year, he helped shut down a command-and-control server for a huge botnet that had infected more than 378,000 machines and had stolen more than 460,000 usernames and passwords.

There are countless other smaller botnets, set up by less sophisticated criminals who steal as much data as they can and simply pull up stakes, and do it all over again, once their operation has been detected.  "The level of amateurness speaks to how widespread it is," Stewart said. "Literally anybody with a little bit of computer knowledge at all, if they have the criminal bent, can get access to one of these Trojans and get it out there and start stealing people's data."

Related articles

• Credit cards support terrorism (warintel.blogspot.com)
• Is Your PC Part of a Botnet? (readwriteweb.com)

House Questions Visa, Visa Questions Heartland, Heartland Has No Answers Yet

Heartland Data Breach: Visa Questions Processor's PCI Compliance

Visa Executive: "We've Never Seen Anyone Who Was Breached That Was PCI Compliant"


Despite the Heartland Payment Systems (HPY) data breach and other noted compromises, Visa staunchly supports the Payment Card Industry Data Security Standard (PCI DSS). 

This is the message from Adrian Phillips, Visa's Deputy Chief Enterprise Risk Officer, who in an exclusive interview hammers home the credit card company's support for the security standard - and suggests that, contrary to Heartland's own statements, the payment processor may not have been PCI compliant when it was breached sometime in 2008.

"We've never seen anyone who was breached that was PCI compliant," Phillips says without specifically naming - or excluding -- Heartland. "The breaches that we have seen have involved a key area of non-compliance."

Editor's Note:  Meanwhile the House is blaming V/MC...see next post and Heartlands stock (see chart below) continues it's free fall.  (well maybe not a "free" fall...it's costing shareholders some major kahunas.  And they're so UN-HPY...they're suing...

Interviewed during last week's Visa Security Summit in Washington, D.C., Phillips acknowledges Heartland and other recent breaches, but uses them as an opportunity to support the PCI standard. "Let's remember we've had some bad breaches, but if we had not had PCI DSS, it would have been much worse," Phillips says. "As of today, I am confident that PCI DSS works."

Phillips comments come one week after news that Visa had removed Heartland Payment Systems from its certified PCI-DSS Compliant Service Providers list.

Continue Reading at Bank Info Security

HPY, Heartland Payment Systems, Visa, PCI Compliant,

Related articles

• Heartland Threatening Legal Action (pindebit.blogspot.com)
• Visa Covers Butt By 'Delisting' Breached Credit Card Payment Processors [Data Breaches] (consumerist.com)
• Updated: Acculynk...Where's the PIN Offset? My Pet PVV (pindebit.blogspot.com)
• Visa Yanks Heartland/RBS Compliance Status - BTN (pindebit.blogspot.com)

House Says Visa, MasterCard Are to Blame for Hacks

House says Visa, MasterCard are to blame for security hacks, card compromises

• 06 Apr 2009

Editor's Note:  This obviously bodes well in Heartland's decision to defend their case vigorously.  However, the first shovel of dirt may have already been thrown on Heartland's grave.  Class action lawsuits by consumers, banks and shareholders mean a ginormous legal bill for HPY. 

The fines will be a mere pittance compared to what they may have to pay out in these legal cases.  Of course, with the government saying V/MC may be to blame, HPY's strategy may be to countersue.  That might keep them alive, but they'd still be dead in the water because they'll make bitter enemies out of V/MC in a court case. 

Meanwhile, Visa is already on making rumblings that Heartland may not have been in PCI compliance when the breach happened.  This is shaping up to be one heck of a legal battle.  We'll keep following the events as they develop.  Keep your eyes tuned to the PIN Payments Blog for regular updates in this matter.  - JBF

Forbes: In security breach cases last year, such as Hannaford Bros. supermarket and the card processing firm Heartland Payment Systems, cybercriminals gained access to millions of consumers' credit card details, and those criminals have yet to be identified and punished. So in a hearing last week, the House of Representative's Committee on Homeland Security turned its attention to the card networks, Visa and MasterCard, which are responsible for creating and enforcing the Payment Card Industry standards that failed to prevent those breaches. Given that both Hannaford and Heartland had complied with PCI rules, the congressional panel turned the spotlight on the credit card companies, arguing that their security measures need to be redesigned or supplemented with federal laws — a potential crackdown that could require changes on the part of both retailers and financial services companies.

Related articles by Zemanta

• Banks File Class Action Against Heartland (pindebit.blogspot.com)
• PCI Compliance FAQ (pindebit.blogspot.com)
• Is Heartland Hacker in Custody? (pindebit.blogspot.com)

The Day the Mighty Case(Y Convenience over Security) Struck Out!

Wow. American's ranked "financial security" as their top security fear!

So, to all those who continue to argue the "convenience" over "security" issue, it seems that "convenience" isn't such a good marketing ploy after all... is it? Hate to say I told you so! NOT!!! As I've stated all along, a "secure" software PIN Debit application (notice I didn't say "solution") is a Figment of the PIN-agination!

At the end of the day, perception rules, and if EFT Networks or Financial Institutions want to sell convenience over security, when financial security is American's biggest fear...then one might say they are barking up the wrong tree. I understand why they want software over hardware. It's more convenient! But according to this latest Unisys Security Index report, American's aren't buying it.

So, let's review:

• Convenience vs. Security. (Security Wins!)
• Card Present Rates vs. Card Not Present Rates (CP rates [are] lower...and thus CP Wins over CNP.)
• Hardware vs. Software (Software responsible for 92% of all breaches, Hardware, 1%, (Hardware Wins)
  

So, in three pitches, it look's like, with an 0-3 count, a software application for PIN Debit STRIKES OUT! Hope this "opens" some eyes to which company has the right pitch. (and which one is throwing the industry a curve, which has the screwball...and which...(nevermiind...I'll keep the knuckle comment in my head) Batter Up!

Enjoy Opening Day!

From the Unisys Security Index:

Nearly 75 percent of Americans believe that the global financial crisis increases their risk of identity and related fraud, according to the Unisys Security Index due to be released on Monday.

More than two-thirds surveyed said they are extremely or very concerned about other people obtaining and using their credit and debit card data, with 90 percent at least somewhat concerned.

Credit and debit card fraud is the top security concern for people, with 68 percent saying they are extremely or very concerned. And 66 percent said they are seriously concerned about unauthorized access to or misuse of personal information.

More than 40 percent of respondents said they are extremely or very concerned about security related to viruses and unsolicited e-mail.

Overall, people are more worried about their financial security and less worried about national security than in previous surveys, according to the survey.

The survey of more than 1,000 respondents in the U.S. was conducted from February 20-22.

Click here to download the full report. (PDF)

Related articles

• Figment of the PIN-agination!
  
• Safe-T-PIN Receives PCI 2.0 PED Certification - The Paypers (pindebit.blogspot.com)
• Chase Paymentech Predicts: PIN Debit Ubiquitous on Web by 2012 (pindebit.blogspot.com)
• Acculynk Accel/Exchange Announce PIN Debit Pilot (pindebit.blogspot.com)
• Updated: Acculynk...Where's the PIN Offset? My Pet PVV (pindebit.blogspot.com)
• E-vidence of Paradigm Shift...MasterCard Focusing on Debit Business (pindebit.blogspot.com)
• U.S.: Identity theft grows as hackers get savvier (cnn.com)

Pumping Up PIN Debit

Petroleum Equipment Forum -

VISA SAID TO EYE DELAY IN NEW PIN DEBIT RULE AT GAS PUMPs

Visa is believed to be considering postponing or at least easing some of its costly new security deadlines for dispensers.

At issue is whether the credit card company will delay requirements that marketers adopt a new encryption standard for PIN numbers on debit, known as Triple DES.

Currently, marketers must install new encryption devices by July 1, 2010 if they want to continue accepting PIN debit at the pump under Visa's new Payment Card Industry (PCI) standards.

Some refiners believe that that the current credit squeeze and equipment installation backlogs could lead Visa to push back the deadline by two years, to July 1, 2012.

Alternatively, Visa may opt to ease up on enforcement of a 2010 mandate, although majors consider that option less likely.

Visa is expected to make an announcement within the next month on which path, if either, it will take. Visa did not respond to a request for comment by presstime.

"We're all waiting to hear what Visa will do," says a marketing exec with one major. "People just aren't in a position to get the money right now, even if they want to get loans to comply."

Some oil companies are trying to help marketers scare up funds to start complying with multiple new PCI requirements. Shell, for example, has launched a program that offers marketers the ability to claim up to $500 in co-op funds per site for new software, or a 1ct/gal payment spread over two years.

While majors say they would welcome any such move by Visa, some are concerned that a postponement might give marketers an excuse to procrastinate further on PCI compliance.

"Retailers must realize that there will still be other PCI rules that they'll have to follow, so they shouldn't use any postponement as an excuse to put things off for too long," says one official.

Some marketers have been toying with the idea of not accepting debit cards at the islands in order to shave their PCI costs.

The most-talked about idea involves disabling PIN debit at dispensers. That would mean that customers who use a check card that can be processed as a debit or credit card would be forced to push the "credit" button on the pump for the sale to go through. The driver using a pure debit card would not be able to pay at the pump at all, but would have to go into the store to pay for fuel.

Alternatively, some marketers wonder if it would be possible to accept PIN debit at just one dispenser, slapping a decal on the pump to warn customers that they can only use their debit card at that dispenser, as first reported (OE 03/23/09).

The National Assn. of Convenience Stores says it would welcome any move by Visa that would give c-store operators more time to make "a reasoned assessment" as to whether the costs of upgrading to the new encryption devices at dispensers are worth the investment to keep PIN debit at the island. It is "a hard decision given the rising costs of PIN-debit transactions," NACS spokesman Jeff Lenard said.

pin debit at the pump, NACS, Jeff Lenard, PIN Debit, Visa

Related articles

• Acculynk and Pulse Agree to Pilot (pindebit.blogspot.com)
• Don't Regulate Credit Card Rates, Visa Chief Says (pindebit.blogspot.com)
• EU Drops Fines Threat Against MasterCard (abcnews.go.com)
• HomeATM Receives First Ever Internet PCI 2.0 PED Certification (pindebit.blogspot.com)
• BSMS - Both Sides of the Mouth Syndrome (pindebit.blogspot.com)

Visa Hit With Antitrust Case Again...This Time in Europe

Visa Europe Accused of Antitrust Violations by EU (Update2) - Bloomberg.com

By John Rega

April 6 (Bloomberg) -- Visa Europe Ltd. was charged with anticompetitive behavior by European Union regulators over payment-card fees after failing to cut its levies as much as MasterCard Inc. did to settle a similar case last week.

The company’s fee guidelines prevent competition among Visa-issuing banks and drive up the costs for stores accepting credit cards, the European Commission said today in a statement.

Five days after settling with MasterCard, Competition Commissioner Neelie Kroes is seeking further fee reductions on the 1.6 trillion euros ($2.1 trillion) of annual card payments in the region. Visa Europe, the operator of the largest card network in the region, must convince the commission its arrangement benefits consumers.

“I’m just staggered by this on a point of principle,” Visa Europe Chief Executive Peter Ayliffe told reporters on a conference call, adding he was “disappointed” not to at least reach a settlement on fees for debit cards.

Ayliffe said his point of principle was that the commission compared the economics of Visa cards versus using cash, rather than other forms of credit.

“We’ve got quite a bit of evidence,” he said, that Visa’s card systems save money for consumers. He declined to specify numbers on the grounds that they will be the basis of his defense.

Payment Systems

Visa Europe, like MasterCard, also argues that transaction fees are necessary to defray the costs of payment systems that benefit consumers and the economy.

The European Retail Round Table, an advocacy group for retailers that includes Wal-Mart Stores Inc. and Carrefour SA, has complained that the fee at issue raises costs by 13.5 billion euros a year.

The so-called interchange fee is based on the card company’s guidelines. It’s paid by the retailer’s bank to the bank that issued the customer’s card. The terms of last week’s MasterCard settlement will reduce fee revenue by 2.6 billion euros, halving the profitability of issuing cards, the Lafferty Group research and consulting firm estimated.

MasterCard, in its settlement, cut its credit-card fees to 0.30 percent per transaction, from a range of 0.80 percent to 1.90 percent in 2007. Debit-card fees were reduced to 0.20 percent, from at least 0.40 percent and in some cases more than 0.75 percent. The commission said the changes will save consumers 200 million euros a year.

Credit-Card Fees

Visa Europe on March 11 cut its credit-card fees to an average of 0.61 percent, from 0.7 percent, while debit-card transaction costs fell to an average of 18 euro cents per transaction, from 28 cents.

The commission said Visa Europe also restricts competition by requiring retailers to take any card without adding a surcharge, and by setting a flat fee for merchants that doesn’t make a distinction between the types of cards used.

The agency has the power to force antitrust violators to change their practices and impose fines of as much as 10 percent of yearly sales.

Visa Europe separated from Visa Inc. before the U.S. card company’s initial public offering a year ago. The London-based company, which is owned by its member banks, has sought an agreement with the commission on interchange since a previous settlement expired at the end of 2007.

To contact the reporter on this story: John Rega in Brussels at jrega@bloomberg.net.
Last Updated: April 6, 2009 12:58 EDT

You Say You Want a Revolution II

Revolution Money gets $42 million from Goldman

07:35 AM EDT  By Phil Wahba

NEW YORK (Reuters) - Revolution Money, an online payment firm backed by AOL co-founder Steve Case, said on Monday it has received funding of $42 million from a group that includes a Goldman Sachs (GS.N) affiliate and earlier investors Citigroup (C.N) and Morgan Stanley (MS.N).

Revolution Money, part of Washington-based Revolution LLC, competes with EBay Inc's (EBAY.O) PayPal service in peer to peer money transfers, and offers a credit card. 

Editor's Note:  Did you know that HomeATM provides TRUE peer to peer money transfers...i.e. you don't have to "load" a card with money in order to send money. 

That's the problem I see all the time.  Let's use the recently announced TwitPay as an example.   In order to use "TwitPay" users must first "load" or "FUND" their TwitPay account, which is administered by Amazon.  But Why?  What a PITA.  In order to use a peer to peer money transfer program you first have to transfer money to an account that you'll use to transfer money?  Sounds redundant.  Am I alone or do you perceive that as an extra unnecessary step as well? 

We say why "load or fund" a third party card when you can use the card you already have...you know, the one you need in order to "load or fund" that "third party" card.   

With HomeATM's money transfer program, it's simple.  You use YOUR email and YOUR EXISTING bank card to do it.  Therefore HomATM eliminates the painstakingly unnecessary task of "using your bankcard" to "load another card." 

How EZ is HomeATM's methodology? Just go to our site: www.HomeRemittance.com,  enter the email of the individual you'd like to send money to, pull out "your"existing bankcard, (again, not a third party card, but "yours") swipe it in our SafeTPIN device and enter your PIN.  You're done! 

The recipient gets an email, takes out "their bankcard"  swipes it in their SafeTPIN device, enters "their" PIN and instantaneously..the money is moved from your account to their account in "REAL-TIME." 

Nothing competes!  Anyway, back to the revolution...

The company will use the money to beef up its technology and help retailers promote the credit card, with a view to reaching 3 million retailers by 2011 despite tumbling U.S. retail sales, chairman Ted Leonsis told Reuters.

"We see more rapid adoption of our service as merchants fight in this economy for more margin from sales," said Leonsis, who owns the National Hockey League's Washington Capitals.

Revolution Money estimated its RevolutionCard credit card is accepted at about 650,000 locations in the United States including those of bookseller Barnes & Noble Inc (BKS.N), upscale grocer Whole Foods Market Inc (WFMI.O) and department store chain Nordstrom (JWN.N).

Leonsis said Revolution competes with PayPal by letting users transfer funds to one another for free and with major credit card issuers, such as Visa Inc (V.N) MasterCard Inc (MA.N) and American Express Co (AXP.N) by offering competitive interchange fees for merchants.

Interchange fees are paid by merchants to a credit card company when a customer makes a purchase.

The new investment follows on a $50 million funding in 2007 from Citi, Morgan Stanley and Deutsche Bank (DBKGn.DE), Case and others.

Despite attracting these investments in a difficult capital market, Leonsis said Revolution Money would not consider an initial public offering or put itself up for sale before 2011.

"Right now, we are focused on the build-out of the platform, but at some point to really scale the business, we would have to go public," Leonsis said.

Still, Leonsis thinks the business will be large enough in two years to attract public investors or a possible acquirer.

(Reporting by Phil Wahba; editing by Mohammad Zargham)

Related articles by Zemanta

• Payment Processor Revolution Money Pumped With $42M (blogs.wsj.com)
• Chase Paymentech and Revolution Money Expand RevolutionCard Merchant Acceptance (pindebit.blogspot.com)

WOW! Get a FREE HomeATM SafeTPIN! (including S&H)

Attention: PIN Payments Blog Readers! Get a FREE SafeTPIN PCI 2.0 PIN Entry Device!

In order to celebrate 2 years of painstaking engineering prowess, HomeATM CEO Ken Mages is presenting PIN Payments News Blog Readers with an "unprecedented" opportunity!

What do I have to do you ask?

Answer the poll, located on the sidebar to the right of this post and...send your email and shipping address to jfrank@homeatm.net and you will receive a FREE HomeATM SafeTPIN (including shipping, handling, processing etc.!)

Of course, we're not completely mad, so this is a limited time offer. 10 days or 2500 units...whichever occurs first.

So...partake in the poll, send me your email address (all emails will obviously be verified) and receive the worlds only PCI 2.0 PED designed for use on the web, (with online shopping, online banking, online authentication, Person 2 Person "real time" transactions, or even to simply send your money from one account to another!) Also works with Facebook, Twitter, Cell Phones, and as a standalone Point of Sale device... etc.

This is the SAFEST, MOST SECURE and OBVIOUSLY, THE LEAST EXPENSIVE way to protect your cardholder information.

The HomeATM SafeTPIN provides End-to-End Encryption, (including Track 2 Data) of your cardholder data and replicates a traditional retail store transaction...using a dually authenticated DUKPT process...previously unavailable to the general public. Oh...and did I mention it works with cell-phones? (Coming soon!!!...Blackberrys too!!!)

Remember, it's easy. Send me an email (jfrank@homeatm.net) ...enter "Free SafeTPIN" in the Subject Line, and of course, your home address...(where you want it sent to) HomeATM will provide you and your family with our recently PCI 2.0 Certified PED for FREE. No catches. HomeATM pays for shipping, handling, insurance, and the processing of your order.

Oh...and to read more about HomeATM's recent PCI 2.0 PED Certification, click the related link below:

Related Link Below!

HomeATM "Officially" PCI PED 2.0 Certified (pindebit.blogspot.com)
Online Theft Doubles...Fastenating! (pindebit.blogspot.com)

Society of Payment Security Professionals Analysis

Society of Payment Security Professionals - Compliance Demystified » Blog Archive » Summary of the Congressional Hearing on PCI DSS (update)

Summary of the Congressional Hearing on PCI DSS (update)
March 31st, 2009 by cmark Posted in PCI DSS

The Society of Payment Security Professionals’ own Dr. Heather Mark has completed an analysis on the congressional PCI DSS hearings. While there are a number of people who analyzed this, Heather’ brings a PhD in Public Policy, as well as deep experience in the payment card industry and PCI DSS and this is right in her wheelhouse. If you are interested in learning about incrementalism, issue attention cycles, lesson drawing, implementation by adaptation and other public policy models and seeing them in practice, then this article is for you. Read all 17 pages here!

Society of Payment Security Professionals, PCI DSS, Dr. Heather Mark, Chris Mark, Aegenis Group, Congressional Hearing on PCI DSS

HPY Shareholders Sue Heartland in Class Action

HPY Shareholders Not So HPY afterall...

Editor's Note:  The graphic depicted (below/right) documents a 42% drop in shareholder value on January 22nd.  Heartland stock has dropped as low as $3.57 per share on March 9th vs.  a 52 week high of $33.00.  Although they're HPY shareholders, apparently they're not HPY enough to prevent them from partaking in a class action lawsuit. 

Shareholder Class Action Filed Against Heartland Payment Systems, Inc.

By the Law Firm of Barroway Topaz Kessler Meltzer & Check, LLP


RADNOR, Pa., April 3 /PRNewswire/ -- The following statement was issued today by the law firm of Barroway Topaz Kessler Meltzer & Check, LLP:

Notice is hereby given that a class action lawsuit was filed in the United States District Court for the District of New Jersey on behalf of purchasers of Heartland Payment Systems' ("Heartland" or the "Company") (NYSE: HPY) securities between February 13, 2008 and February 23, 2009, inclusive (the "Class Period").

If you wish to discuss this action or have any questions concerning this notice or your rights or interests with respect to these matters, please contact Barroway Topaz Kessler Meltzer & Check, LLP (Darren J. Check, Esq. or David M. Promisloff, Esq.) toll free at 1-888-299-7706 or 1-610-667-7706, or via e-mail at info@btkmc.com.

The Complaint charges Heartland and certain of its officers and directors with violations of the Securities Exchange Act of 1934. Heartland provides bank card payment processing services to merchants in the United States. More specifically, the Complaint alleges that the Company failed to disclose and misrepresented the following material adverse facts which were known to defendants or recklessly disregarded by them: (1) that the Company was in imminent danger of having the security of its processing system breached; (2) that the Company had not taken the proper steps to secure its systems; (3) that further, it was likely that the Company would not be aware such a breach occurred until weeks or months later; (4) that the Company had been notified of a potential breach in its security system; (5) that as a result, the Company would face significant costs related to, among other things, liability and the implementation of proper measures; and (6) that the Company lacked adequate internal controls.

On January 20, 2009, the Company shocked investors when it disclosed for the first time that it was the victim of a security breach within its processing system in 2008. The Company stated that it found evidence of an intrusion the previous week and notified federal law enforcement agencies. Heartland stated that it immediately took a number of steps to further secure its systems. Then, on January 22, 2009, Bloomberg published an article about the breach. The article stated that the breach may have involved 100 million accounts, which would be double the size of the largest such theft in history. Upon the release of this news, the Company's shares declined $5.93 per share, or 42.03 percent, to close on January 22, 2009 at $8.18 per share, on unusually heavy trading volume.

On February 24, 2009, the Company announced disappointing quarterly financial results in an earnings press release. Additionally, the Company announced that it was cutting its dividend 72 percent, and further warned that it could face losses due to the security breach. Later that day, during an earnings conference call, defendants disclosed that the Company was under investigation by the SEC, the United States Department of Justice, the United States Federal Trade Commission, and the Office of the Comptroller of the Currency. Upon the release of this news, the Company's shares fell an additional $2.31 per share, or 30.20 percent, to close on February 24, 2009 at $5.34 per share, also on unusually heavy trading volume.

Plaintiff seeks to recover damages on behalf of class members and is represented by the law firm of Barroway Topaz Kessler Meltzer & Check which prosecutes class actions in both state and federal courts throughout the country. Barroway Topaz Kessler Meltzer & Check is a driving force behind corporate governance reform, and has recovered billions of dollars on behalf of institutional and individual investors from the United States and around the world.

For more information about Barroway Topaz Kessler Meltzer & Check or to sign up to participate in this action online, please visit www.btkmc.com

If you are a member of the class described above, you may, not later than May 5, 2009, move the Court to serve as lead plaintiff of the class, if you so choose. A lead plaintiff is a representative party that acts on behalf of other class members in directing the litigation. In order to be appointed lead plaintiff, the Court must determine that the class member's claim is typical of the claims of other class members, and that the class member will adequately represent the class. Your ability to share in any recovery is not, however, affected by the decision whether or not to serve as a lead plaintiff. Any member of the purported class may move the court to serve as lead plaintiff through counsel of their choice, or may choose to do nothing and remain an absent class member.

CONTACT: Barroway Topaz Kessler Meltzer & Check, LLP
Darren J. Check, Esq.
David M. Promisloff, Esq.
280 King of Prussia Road
Radnor, PA 19087
1-888-299-7706 (toll free) or 1-610-667-7706
Or by e-mail at info@btkmc.com

HPY, Class Action, Heartland Payments Systems, Robert O. Carr, SEC Violations

Is Twitter Googliscious?

Twitter Co-Founder Responds to Google Rumor -- Seeking Alpha

Here's an excerpt from an article on Seeking Alpha addressing the latest about the rumors about whether Google is interested in acquiring the whole tweety bird or if it just wants to utilize Twitters real-time feed to speed indexing.  Oh and while your here, if you'd like to follow this blog on Twitter (click graphic on left), we'd love to have ya!  - JBF

From Seeking Alpha

"My inbox is flooded this morning with requests for a response to the latest Internet speculation about where Twitter is headed," blogs Twitter Inc. co-founder Biz Stone in a post entitled "Sometimes we talk." It comes in response to a report Thursday night that Google Inc. (NASDAQ:GOOG) is in talks to acquire the fast-growing microblogging service.

"It should come as no surprise that Twitter engages in discussions with other companies regularly and on a variety of subjects," continues Stone. "Our goal is to build a profitable, independent company and we're just getting started."

Sources close to Twitter tell The Deal the rumor of a potential "Twoogle" is without foundation.

TechCrunch co-editor Michael Arrington created quite a stir in the Twit-osphere when he posted a blog late Thursday saying, "Here's a heck of a rumor that we've sourced from two separate people close to the negotiations: Google is in late- stage negotiations to acquire Twitter."

In the middle of the night, another tech reporter blogged a different story.

"While the news that Google was in 'late-stage' talks to acquire Twitter, which TechCrunch reported last night, certainly sounds exciting, it isn't accurate in any way, according to a number of sources BoomTown spoke to close to the situation," blogged Kara Swisher, co-executive editor of AllThingsDigital, which publishes the BoomTown blog.

Continue Reading at Seeking Alpha

Related articles by Zemanta

• Google close to buying Twitter? - VNUNet.com (vnunet.com)
• Google May Buy Twitter. Or Not. But Why is Twitter So Hot? (gigaom.com)
• Will Google Get Shamed Into Buying Twitter? [Shut Up, Twitter] (gawker.com)
• Twitter Tweaks Its Title Tags For Better Google Juice (techcrunch.com)
• Twitter Founder Biz Stone's Hilarious Colbert Interview (Video) (mashable.com)
• Report: Google in 'late-stage' talks to buy Twitter (news.cnet.com)

Consumer Group Wants V/MC Profits Audited

Consumer group wants audit into credit card profits - Montreal Gazette

The federal government's financial regulator should audit the credit-card operations of Canada's banks to figure out whether their profit margins are tantamount to gouging, a leading consumer group testified Thursday at a parliamentary probe into the credit and debit markets.

A day after the Canadian Bankers Association declined to answer a pointed question from senators about how much banks make for every dollar invested in the credit-card business, the country's bank accountability coalition said it's time the Financial Consumer Agency of Canada or the auditor general is allowed to go in and get the answers.

"The solution is to empower the FCAC or auditor general to do an audit of actual costs and revenues and actual profit margins," said Duff Conacher, chairman of the Canadian Community Reinvestment Coalition. "Simply having a public report would cause fees and rates to come down the next day because I think there's ample evidence of gouging going on."

He cited unilateral increases of interest rates and extra fees charged on purchases made outside Canada as examples.

"Based on what? Who knows. That's why we need an audit. . . . The banks have all the figures and they can claim anything they want," said Conacher.

The FCAC, established by the government in 2001, enforces consumer-protection laws and monitors codes of conduct at banks and federally incorporated trust, loan and insurance companies.

Continue Reading at the Montreal Gazette

Hacker, 22, Sentenced to 5 Years in Prison

Maple Grove hacker gets 5 years for stealing credit card data

Star Tribune

A previously convicted Maple Grove (Minnesota) computer hacker has been sentenced to five years in prison for stealing credit card information from thousands of victims to add to restaurant gift cards and then selling them on Craigslist.  (Editor's Note: It's about time some of these sentences starting getting a little harsher Mann.)

Zachary W. Mann, 22, sentenced Tuesday in Minneapolis, pleaded guilty in June to wire fraud and aggravated identity theft.

According to Mann's plea agreement, he stole credit card account information over the Internet from individuals over a three-month period early last year.

Mann obtained the credit card information from thousands of victims by hacking into an Internet-based order processing server. He then added to gift cards he bought for small amounts at restaurants. He then would sell the inflated gift cards on Craigslist.

According to the plea agreement, Mann committed these offenses while he was on supervised release in connection with a December 2006 federal conviction for conspiracy to commit computer fraud and aggravated identity theft in Florida.

In that case, Mann admitted tapping personal information on actor Laurence Fishburne (Editor's Note: Within the fraud "Matrix"I couldn't help but notice how much more apropos it would be if they said Laurence was Phish-Burned by this Mann)  and other celebrities but denied that what he and his cohorts did was wrong. 

Laurence Fishburne, Hacker, Craigslist, Zachary W. Mann

Related articles by Zemanta

• Credit cards support terrorism (warintel.blogspot.com)
• U.S.: Identity theft grows as hackers get savvier (cnn.com)

Social Responsibility - Priceless!

News: Mastercard lunches with Eden Project for first CSR campaign - Marketing Week

Mastercard announced earlier this week that it would run its first corporate social responsibility-themed Priceless ad campaign in the UK. The ads form part of a partnership between the credit card company and The Eden Prject organisation called The Big Lunch.

The Big Lunch is a social cohesion scheme aiming to get the whole of the UK to sit down with their neighbours on their street and have lunch on July 19, 2009. The Mastercard campaign for the initiative, which uses the tagline "Turning your street into a neighbourhood - priceless" launched in national print media on Tuesday. A TV campaign will follow in May, with social media elements added at a later date.

With the credit industry under scrutiny following the financial turmoil of the past few months, Master-card is hoping that advertising this partnership will help position the company as one that understands "what matters to people" in any economic environment.

Mastercard vice-president of marketing for the UK and Ireland Ben Rhodes says: "We're a brand that is in most people's pockets. We're a huge enabler of commerce in the UK so we can't pretend we don't exist just because there is a tricky economic climate. Now's when you have to be brave and stand up for what you believe are the right things."

As many corporate sponsorships are coming under fire from consumers (see cover story, page 16), Mastercard claims that focusing on social change is "the right thing" for 2009. Although the brand has long been a sponsor of sporting and music events, such as the UEFA Champions League and The Brits, its competitor Visa has been more involved with community projects through its Olympics sponsorship scheme.

Rhodes claims the company had been keen to boost its involvement in community areas for a long time but felt it didn't have "permission in the space to say: 'let's create social change'. We have a reputation tracker and one of the key drivers is about being seen to have a positive effect on society. But this wasn't something we could do on our own."

On board as a partner

Mastercard's involvement in the project began after The Eden Project's founder Tim Smit, and Paul Twivy, chief executive of The Big Lunch, approached the company back in the summer of 2008. While Royal Mail, EDF Energy and the Post Office signed up as "supporter" brands, Mastercard is the sole "partner" company for the initiative.

Aside from the consumer advertising campaign, Mastercard is pushing the initiative to its partner bank businesses. These banks make the decision whether consumers have the Visa or Mastercard logos on their cards, so it is vital for the brand to utilise any partnerships to push preference among the banks.

Rhodes adds: "One of the key roles and tenets of our marketing is to make sure we have assets that can be used, whether intellectual, reputation or sponsorship, that we can use to help drive our customers' businesses."

Continue Reading at MarketingWeek.

Twit This: Google to Buy Twitter?

April 3rd, 2009 · by David Bradley

UPDATE: Twitter is not negotiating a sale with Google, according to Kara Swisher. The AllThingsD journalist says acquisition talks are first touted by TechCrunch (see below) are inaccurate.

However, the two are in talks focused on “product-relateddiscussions”, Swisher reports, which makes more sense and confirms myearlier post about Google and Twitter being in cahoots.

It came a day late to be an April Fool’s but rumors are trendingacross the twitterhood, on the blogosphere, and just plain in the newsthat Google is in late stage talks to acquire microblogging siteTwitter for $250m cash, half what Facebook offered for the plugged incelebrity’s favorite web service.

TechCrunch claims it has confirmation from two independent sources close to the talks that a deal is imminent.

This ties in with my thoughts of a few days ago about cross-linkedactivity between Google SERPs and twitter changes. I tweeted how google and twitter were in cahooots well over a week ago.

There is quite a lot of discussionon Twitter itself regarding this putative acquisition, much of itsimply retweets of the TechCrunch link and remarkably few expletives sofar.

What such an assimilation will mean for millions of tweeps willremain to be seen, although you can get your bottom adword dollar thatone thing that will certainly change is that Google will slap itsAdSense program all over your tweets within weeks of the legal papersbeing deposited. Whether or not you see that as a good or a bad thingwill depend on whether you think making money from your online outputis a viable business model or a way to boost pocket money.

Old update: Yet another source says the acquisition discussions are stillfairly early stage, and the two companies are also considering workingtogether on a Google real time search engine.

Related articles

• Google May Buy Twitter. Or Not. But Why is Twitter So Hot? (gigaom.com)
• Twitter could be Googled (nevillehobson.com)
• What The Hell Is Going On At Facebook? (allfacebook.com)
• Twitter-Google: The Conspiracy Theory (markevanstech.com)
• Report: Google in 'late-stage' talks to buy Twitter (news.cnet.com)
• If Twitter Is For Sale, Who Should By It? (regulargeek.com)
• Google to Buy Twitter (sciencetext.com)

Private Facebook Details are Public Information

Public Search Engines Mine Private Facebook Details - DarkReading

By Kelly Jackson Higgins
DarkReading

Another reason to be careful what you post on Facebook:

All it takes is a simple Google search, and phishers and marketers can glean a treasure trove of private information based on relationships among Facebook "friends," according to new research.

Researchers from the U.K.'s University of Cambridge recently published a paper (PDF) detailing a project in which they developed a software tool to correlate and map Facebook profiles they found via public search engines, such as Google, to build detailed maps of relationships among Facebook members.

Continue DarkReading

facebook, google search,

Related articles by Zemanta

• Google to Buy Twitter (sciencetext.com)
• Sources: Google In Late Stage Talks To Acquire Twitter (techcrunch.com)

Skimming, Cloning and Fraud in D.C.Restaurants

Washington D.C. Restaurants Become Credit Card Cloning Hot Spots | Threat Level from Wired.com

By Kevin Poulsen

Four former servers at three upscale Washington D.C. restaurants blocks from the White House were arrested last week for allegedly using covert skimming devices to clone customer credit card data, in a year-long counterfeiting operation that's put $750,000 in fraudulent charges on the plastic of Washington's elite.

Servers at Clyde's of Gallery Place, M&S Grill, and 701 Restaurant, along with Maryland workers at Carrabba's Italian Grill and the Gaylord Hotel, allegedly stole the card numbers. According to the Secret Service, the data wound up in the hands of 28-year-old Joseph Artemus Bush, III, a Maryland man who was repeatedly caught on surveillance video using counterfeit cards with the skimmed account numbers.

Bush's alleged MO was to purchase American Express gift cards at area Target and Walmart stores, then redeem them at high-end shops like Barney's of New York and Gucci. Last week he was charged with credit card fraud, along with two alleged confederates, Erick V. Burton and Aaron Gilbert. The four servers charged are Lavelle Denise Payne, Shannon Eileen McLaughlin, Jamaal Snowden and Simone Carrie Diane Folk.

Skimmer With unobserved access to diner's credit cards, restaurant wait staff have long been the source of a steady stream of stolen magstripe data. It takes only a second to swipe a customer's card through a tiny skimming device purchasable over the internet, which is easily concealed in pocket or apron.

Corrupt servers are typically recruited by a ringleader who encodes the data -- like customer names and account numbers -- onto blank cards, in some cases turning out full blown replicas, complete with holograms. The servers often earn up to $50 per card if they work at an upscale eatery, down to just $10 each if, as in a recent Florida case, the cards were stolen from a Burger King.

The D.C. skimming ring was first spotted a year ago by Citibank, which noticed a froth of fraudulent transactions trailing legitimate card use at Clyde's, where cards skimmed by a single server wound up accounting for $107,000 in bogus charges.

The most prestigious, and recent, hot spot was 701 Restaurant, the clubby eatery where Hillary Clinton rang out her presidential campaign last June. Restaurant owner Ashok Bajaj says the Secret Service told him about the skimming earlier this month. According to court records, cash register logs tied $38,000 in fraudulent transactions to cards handled by server Lavelle Denise Payne from August 2008 until this month.

At the agency's request, Bajaj kept Payne on for another week while the government firmed up its case. "We watched her very carefully for that week," says Bajaj. "She was the nicest person. I don't know. Maybe this is a sign of the economy."

"It's very sad when people do these things," Bajaj adds. "I mean, she was making excellent money working at the restaurant. But I guess it's never enough."

Update March 31, 2009 | 12:30:00: A fifth server -- Vasha Monique Carter -- has been arrested in St. Augustine, Florida, and is scheduled for a preliminary hearing in Jacksonville on Wednesday. Like defendants McLaughlin and Folk, Carter is a former waitress at M&S Grill in D.C.

Related articles by Zemanta

• Washington DC hit by credit card cloning (inquisitr.com)
• Amex Wants To Play "Scam Call" With You, Please Participate [American Express] (consumerist.com)
• Belgiums Waffliing Over Net Security (pindebit.blogspot.com)

Blackberry Storm Boosts RIM's Results

Stock Surges Almost 23% as 26 Million Devices Shipped in FY09

Published:03-April-2009
By Steve Evans - Computer Business Review

Research in Motion (RIM) has revealed revenue for fourth quarter of fiscal 2009 of $3.46bn (£2.33bn), up 84% year on year. Net income for the quarter stood at $518.3m (£350m), up from $412.5m (£278m) the previous year.

Revenue for the financial year ended February 28, 2009 was $11.07bn (£7.45bn), up 84% from $6.01bn (£4.06bn) the previous year. Net income for the year came in at $1.89bn (£1.27bn), a 46.3% increase from the previous financial year.

During FY09 Q4, RIM shipped about 7.8 million devices while about 26 million were shipped during the financial year, boosted no doubt by the release of the BlackBerry Storm, RIM’s first touchscreen smartphone, released in October 2008 in direct competition to Apple’s iPhone.

The Storm has certainly impacted on RIM’s financial results. Approximately 83% of revenue generated during the quarter was from devices, 12% was through services, 2% came from software and the remainder from other means.

The company also added 3.9 million new accounts during the quarter and its subscriber base now stands at roughly 25 million.

Jim Balsillie, Co-CEO at RIM, said: “We are very pleased to report another record quarter with standout subscriber growth that speaks volumes about the early success and momentum of our new BlackBerry products.

“RIM experienced an extraordinary year in fiscal 2009, shipping our 50 millionth BlackBerry smartphone and generating $11bn in revenue. Looking ahead into fiscal 2010, we see exceptional opportunities for RIM and its partners to leverage the investments and success of the past year to continue growing market share and profitability.”

Guidance for FY10 Q1 suggested revenue in the region of $3.3-$3.5bn

Related articles

• RIM's Q4 result beats forecasts, shares soar (financialpost.com)
• BlackBerry maker profit hits $518.3M (money.cnn.com)
• RIM surprises analysts, and itself, with Q4 results (cbc.ca)
• The Eye of the (BlackBerry) Storm (Arik Hesseldahl/Business Week) (techmeme.com)
• Bumpy Start for BlackBerry Storm (Wall Street Journal) (techmeme.com)